Page 3 of 3 FirstFirst 123
Results 21 to 30 of 30

Thread: WordPress Attack Underway: WordPress Users Must Upgrade [ALERT]

  1. #21
    Yeah just upgraded all my blogs, thank for the info

  2. #22
    Thanks for the alert.

    BTW WP version above 2.7 safe or not ?

    DON.

  3. #23
    Join Date
    Sep 2009
    Location
    Greece
    Posts
    121
    A mate of mine told me a day or two ago about that issue but to be honest i was so lazy to upgrade it (what the hell...i had just to press a button to upgrade it but still too lazy xD) anywayz after reading the article from mashable i went asap and upgrade it xD

  4. Thanks for the alert. Upgrading my blog to the latest version. Are there any other clues that will tell you that your site has been attacked? Haven't updated my blog lately and I'm afraid that it might be infected.

  5. #25
    Join Date
    May 2009
    Location
    New York
    Posts
    3,772
    Some users are reporting memory issues with wordpress 2.8.x

    Quote Originally Posted by dodolls View Post
    Thanks for the alert. Upgrading my blog to the latest version. Are there any other clues that will tell you that your site has been attacked? Haven't updated my blog lately and I'm afraid that it might be infected.
    There are two clues that your WordPress site has been attacked.

    There are strange additions to the pretty permalinks, such as example.com/category/post-title/%&(%7B$%7Beval(base64_decode($_SERVER%5BHTTP_REFER ER%5D))%7D%7D|.+)&%/. The keywords are “eval” and “base64_decode.”

    The second clue is that a “back door” was created by a “hidden” Administrator. Check your site users for “Administrator (2)” or a name you do not recognize. You will probably be unable to access that account.
    WordPress Attack Underway: WordPress Users Must Upgrade [ALERT]

  6. #26
    Is the "hidden" admin attacker account visible in Users section in WP admin interface or need to dig the database to find it?

  7. #27
    I have had a issue with people going to

    http://www.mydomain.com/2009/09/my-post-title/%quote

    I have no idea where the %quote is coming from, but its only after the update to 2.8.x

    I don't have that link on any of my pages

  8. #28
    One of my upgraded and normal site just got defaced but I think it is up to host.

    They somehow managed password for my wordpress installation and they just edited index.php, but hacker could easily delete the whole site...


    It was WP 2.8.4.

  9. #29
    Quote Originally Posted by Hellas View Post
    One of my upgraded and normal site just got defaced but I think it is up to host.

    They somehow managed password for my wordpress installation and they just edited index.php, but hacker could easily delete the whole site...


    It was WP 2.8.4.
    Really sad to hear that. Have you checked your server logs?

  10. #30
    Quote Originally Posted by Snak3 View Post
    Really sad to hear that. Have you checked your server logs?
    I am lazy just restored backup and changed passwords.

    Will bother with that if they continue to hack it

Page 3 of 3 FirstFirst 123

Similar Threads

  1. Wordpress Automatic Upgrade Problem
    By Pathan in forum Wordpress
    Replies: 9
    Last Post: 13 September, 2009, 07:39 AM
  2. Replies: 14
    Last Post: 30 August, 2009, 02:33 AM
  3. Replies: 0
    Last Post: 2 August, 2009, 06:59 AM
  4. Wordpress 2.8.1 upgrade mandatory
    By sizzler_chetan in forum Wordpress
    Replies: 3
    Last Post: 11 July, 2009, 21:01 PM
  5. SEO Tip for Wordpress users.
    By mega in forum Promoting
    Replies: 0
    Last Post: 10 May, 2009, 23:58 PM

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •